REST APIs

Receive and Send REST APIs and build your own integrations - long

  • Episodes5
  • Duration9m 36s
  • LanguagesEN
Episode 2

Typical REST Questions

We share typical questions relating the use of REST APIs

Introduction

In this episode, we will provide you with some advice in regard to the typical issues we see with organisations trying to implement REST APIs with eramba.

Feasibility

Integrations are used typically with an end goal, for example:

  • We track projects in Jira, we would like eramba audit records to create tasks in Jira as is where we follow up on work
  • We would like our SIEM solution to create incidents in eramba automatically. When that happens, eramba will trigger a notification to our team for follow-up.
  • Etc

Is important you understand that integration must be described as an "end goal", a technical person will then be able to determine:

  • What systems are involved
  • If these systems can actually provide this information
  • The cost of building all this

While technical aspects most times can be resolved one way or another, the cost involved in doing this is far greater than the benefits it provides. If your SIEM creates one incident a month, is perhaps simpler to do this manually.

Bottle Necks

If your integration is something that happens often and therefore you are looking at "saving time" by creating things manually, you need to consider the entire process rather than an action on itself.

For example:

  • An SIEM can create things in eramba automatically, but these things (incidents) will still have to be manually processed.
  • If you want to sync "assets" to eramba for later Risk assessment, you need to consider that while assets can be created very quickly the Risk assessment process is still a manual process.

A proper technical implementation will look at the process, the stages involved, which ones are automatic and which ones are manual and forecast a time model.

Database Duplication

We sometimes hear something like, "We want to synchronize our CMDB into the eramba Asset module". Technically speaking this is possible, but the feasibility is often times on the details.

Software needs to handle CRUD operations, if you do not know what this is then important you consider talking to a developer before making big plans. CRUD means: CREATE, READ, UPDATE and DELETE.

  • Creating assets in eramba can easily be done using REST
  • Assets will need to be reviewed by a human (manual process)
  • Assets will be linked to Risks (risk assessment is a manual process)
  • Risks will need to be reviewed (manual process)

So far, that is Creation. You need to consider what operations you will need for:

  • Reviewing (updating) the asset and the Risk
  • Removing an asset, will imply that the risk will have to be deleted or modified somehow

The point we are trying to make here is that synchronizing databases requires a lot more work (REST operations, comparisons, controller code, etc) than simply creating things. You will also face issues with manual tasks that will inevitably create bottlenecks.

Reporting

Serious reporting involves data from multiple inputs merged into a controller (calculations, etc) that then displays data (view) into very friendly and easy-to-understand terms. A whole industry called Business Intelligence exists that takes care of all these operations with incredible detail.

If you want to feed eramba data into your corporate reporting tools, you will then rely on REST calls. REST calls will prepare the controller and modelling aspects of data for your BI tooling. An alternative is to query the eramba SQL database directly (only for on-prem installations) but this will make things complicated as you will need to solve controlling and modelling on your own, not to mention our schema can change anytime without notice.

Third-Party

There is absolutely no point in a tool like eramba trying to integrate into the endless number of applications that exist in the world. For this reason we often times recommend you use workflow automation tools (Zappier, Make.com, etc) in between eramba webhooks and your end solutions.

These third-party systems have integrations resolved (authentication in particular) so all you need to do is send data to them in the format they need, and then the rest is taken care of by them.